Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(186)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: android_webview/java/src/org/chromium/android_webview/AwSettings.java

Issue 1882783002: [WebView] Disallow geolocation on insecure origins for apps targeting N and higher. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: address Torne's comment Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « android_webview/glue/java/src/com/android/webview/chromium/WebViewChromium.java ('k') | android_webview/javatests/src/org/chromium/android_webview/test/AwSettingsTest.java » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2012 The Chromium Authors. All rights reserved. 1 // Copyright 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 package org.chromium.android_webview; 5 package org.chromium.android_webview;
6 6
7 import android.annotation.SuppressLint; 7 import android.annotation.SuppressLint;
8 import android.content.Context; 8 import android.content.Context;
9 import android.content.pm.PackageManager; 9 import android.content.pm.PackageManager;
10 import android.os.Handler; 10 import android.os.Handler;
(...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after
90 private boolean mVideoOverlayForEmbeddedVideoEnabled = false; 90 private boolean mVideoOverlayForEmbeddedVideoEnabled = false;
91 private boolean mForceVideoOverlayForTests = false; 91 private boolean mForceVideoOverlayForTests = false;
92 private boolean mOffscreenPreRaster = false; 92 private boolean mOffscreenPreRaster = false;
93 private int mDisabledMenuItems = MENU_ITEM_NONE; 93 private int mDisabledMenuItems = MENU_ITEM_NONE;
94 94
95 // Although this bit is stored on AwSettings it is actually controlled via t he CookieManager. 95 // Although this bit is stored on AwSettings it is actually controlled via t he CookieManager.
96 private boolean mAcceptThirdPartyCookies = false; 96 private boolean mAcceptThirdPartyCookies = false;
97 97
98 private final boolean mSupportLegacyQuirks; 98 private final boolean mSupportLegacyQuirks;
99 private final boolean mAllowEmptyDocumentPersistence; 99 private final boolean mAllowEmptyDocumentPersistence;
100 private final boolean mAllowGeolocationOnInsecureOrigins;
100 101
101 private final boolean mPasswordEchoEnabled; 102 private final boolean mPasswordEchoEnabled;
102 103
103 // Not accessed by the native side. 104 // Not accessed by the native side.
104 private boolean mBlockNetworkLoads; // Default depends on permission of emb edding APK. 105 private boolean mBlockNetworkLoads; // Default depends on permission of emb edding APK.
105 private boolean mAllowContentUrlAccess = true; 106 private boolean mAllowContentUrlAccess = true;
106 private boolean mAllowFileUrlAccess = true; 107 private boolean mAllowFileUrlAccess = true;
107 private int mCacheMode = WebSettings.LOAD_DEFAULT; 108 private int mCacheMode = WebSettings.LOAD_DEFAULT;
108 private boolean mShouldFocusFirstNode = true; 109 private boolean mShouldFocusFirstNode = true;
109 private boolean mGeolocationEnabled = true; 110 private boolean mGeolocationEnabled = true;
(...skipping 93 matching lines...) Expand 10 before | Expand all | Expand 10 after
203 } 204 }
204 205
205 interface ZoomSupportChangeListener { 206 interface ZoomSupportChangeListener {
206 public void onGestureZoomSupportChanged( 207 public void onGestureZoomSupportChanged(
207 boolean supportsDoubleTapZoom, boolean supportsMultiTouchZoom); 208 boolean supportsDoubleTapZoom, boolean supportsMultiTouchZoom);
208 } 209 }
209 210
210 public AwSettings(Context context, 211 public AwSettings(Context context,
211 boolean isAccessFromFileURLsGrantedByDefault, 212 boolean isAccessFromFileURLsGrantedByDefault,
212 boolean supportsLegacyQuirks, 213 boolean supportsLegacyQuirks,
213 boolean allowEmptyDocumentPersistence) { 214 boolean allowEmptyDocumentPersistence,
215 boolean allowGeolocationOnInsecureOrigins) {
214 boolean hasInternetPermission = context.checkPermission( 216 boolean hasInternetPermission = context.checkPermission(
215 android.Manifest.permission.INTERNET, 217 android.Manifest.permission.INTERNET,
216 Process.myPid(), 218 Process.myPid(),
217 Process.myUid()) == PackageManager.PERMISSION_GRANTED; 219 Process.myUid()) == PackageManager.PERMISSION_GRANTED;
218 synchronized (mAwSettingsLock) { 220 synchronized (mAwSettingsLock) {
219 mHasInternetPermission = hasInternetPermission; 221 mHasInternetPermission = hasInternetPermission;
220 mBlockNetworkLoads = !hasInternetPermission; 222 mBlockNetworkLoads = !hasInternetPermission;
221 mEventHandler = new EventHandler(); 223 mEventHandler = new EventHandler();
222 if (isAccessFromFileURLsGrantedByDefault) { 224 if (isAccessFromFileURLsGrantedByDefault) {
223 mAllowUniversalAccessFromFileURLs = true; 225 mAllowUniversalAccessFromFileURLs = true;
224 mAllowFileAccessFromFileURLs = true; 226 mAllowFileAccessFromFileURLs = true;
225 } 227 }
226 228
227 mUserAgent = LazyDefaultUserAgent.sInstance; 229 mUserAgent = LazyDefaultUserAgent.sInstance;
228 230
229 // Best-guess a sensible initial value based on the features support ed on the device. 231 // Best-guess a sensible initial value based on the features support ed on the device.
230 mSpatialNavigationEnabled = !context.getPackageManager().hasSystemFe ature( 232 mSpatialNavigationEnabled = !context.getPackageManager().hasSystemFe ature(
231 PackageManager.FEATURE_TOUCHSCREEN); 233 PackageManager.FEATURE_TOUCHSCREEN);
232 234
233 // Respect the system setting for password echoing. 235 // Respect the system setting for password echoing.
234 mPasswordEchoEnabled = Settings.System.getInt(context.getContentReso lver(), 236 mPasswordEchoEnabled = Settings.System.getInt(context.getContentReso lver(),
235 Settings.System.TEXT_SHOW_PASSWORD, 1) == 1; 237 Settings.System.TEXT_SHOW_PASSWORD, 1) == 1;
236 238
237 // By default, scale the text size by the system font scale factor. Embedders 239 // By default, scale the text size by the system font scale factor. Embedders
238 // may override this by invoking setTextZoom(). 240 // may override this by invoking setTextZoom().
239 mTextSizePercent *= context.getResources().getConfiguration().fontSc ale; 241 mTextSizePercent *= context.getResources().getConfiguration().fontSc ale;
240 242
241 mSupportLegacyQuirks = supportsLegacyQuirks; 243 mSupportLegacyQuirks = supportsLegacyQuirks;
242 mAllowEmptyDocumentPersistence = allowEmptyDocumentPersistence; 244 mAllowEmptyDocumentPersistence = allowEmptyDocumentPersistence;
245 mAllowGeolocationOnInsecureOrigins = allowGeolocationOnInsecureOrigi ns;
243 } 246 }
244 // Defer initializing the native side until a native WebContents instanc e is set. 247 // Defer initializing the native side until a native WebContents instanc e is set.
245 } 248 }
246 249
247 @CalledByNative 250 @CalledByNative
248 private void nativeAwSettingsGone(long nativeAwSettings) { 251 private void nativeAwSettingsGone(long nativeAwSettings) {
249 assert mNativeAwSettings != 0 && mNativeAwSettings == nativeAwSettings; 252 assert mNativeAwSettings != 0 && mNativeAwSettings == nativeAwSettings;
250 mNativeAwSettings = 0; 253 mNativeAwSettings = 0;
251 } 254 }
252 255
(...skipping 995 matching lines...) Expand 10 before | Expand all | Expand 10 after
1248 assert Thread.holdsLock(mAwSettingsLock); 1251 assert Thread.holdsLock(mAwSettingsLock);
1249 return mSupportLegacyQuirks; 1252 return mSupportLegacyQuirks;
1250 } 1253 }
1251 1254
1252 @CalledByNative 1255 @CalledByNative
1253 private boolean getAllowEmptyDocumentPersistenceLocked() { 1256 private boolean getAllowEmptyDocumentPersistenceLocked() {
1254 assert Thread.holdsLock(mAwSettingsLock); 1257 assert Thread.holdsLock(mAwSettingsLock);
1255 return mAllowEmptyDocumentPersistence; 1258 return mAllowEmptyDocumentPersistence;
1256 } 1259 }
1257 1260
1261 @CalledByNative
1262 private boolean getAllowGeolocationOnInsecureOrigins() {
1263 assert Thread.holdsLock(mAwSettingsLock);
1264 return mAllowGeolocationOnInsecureOrigins;
1265 }
1266
1258 /** 1267 /**
1259 * See {@link android.webkit.WebSettings#setUseWideViewPort}. 1268 * See {@link android.webkit.WebSettings#setUseWideViewPort}.
1260 */ 1269 */
1261 public void setUseWideViewPort(boolean use) { 1270 public void setUseWideViewPort(boolean use) {
1262 if (TRACE) Log.d(LOGTAG, "setUseWideViewPort=" + use); 1271 if (TRACE) Log.d(LOGTAG, "setUseWideViewPort=" + use);
1263 synchronized (mAwSettingsLock) { 1272 synchronized (mAwSettingsLock) {
1264 if (mUseWideViewport != use) { 1273 if (mUseWideViewport != use) {
1265 mUseWideViewport = use; 1274 mUseWideViewport = use;
1266 onGestureZoomSupportChanged( 1275 onGestureZoomSupportChanged(
1267 supportsDoubleTapZoomLocked(), supportsMultiTouchZoomLoc ked()); 1276 supportsDoubleTapZoomLocked(), supportsMultiTouchZoomLoc ked());
(...skipping 570 matching lines...) Expand 10 before | Expand all | Expand 10 after
1838 private native void nativeUpdateWebkitPreferencesLocked(long nativeAwSetting s); 1847 private native void nativeUpdateWebkitPreferencesLocked(long nativeAwSetting s);
1839 1848
1840 private static native String nativeGetDefaultUserAgent(); 1849 private static native String nativeGetDefaultUserAgent();
1841 1850
1842 private native void nativeUpdateFormDataPreferencesLocked(long nativeAwSetti ngs); 1851 private native void nativeUpdateFormDataPreferencesLocked(long nativeAwSetti ngs);
1843 1852
1844 private native void nativeUpdateRendererPreferencesLocked(long nativeAwSetti ngs); 1853 private native void nativeUpdateRendererPreferencesLocked(long nativeAwSetti ngs);
1845 1854
1846 private native void nativeUpdateOffscreenPreRasterLocked(long nativeAwSettin gs); 1855 private native void nativeUpdateOffscreenPreRasterLocked(long nativeAwSettin gs);
1847 } 1856 }
OLDNEW
« no previous file with comments | « android_webview/glue/java/src/com/android/webview/chromium/WebViewChromium.java ('k') | android_webview/javatests/src/org/chromium/android_webview/test/AwSettingsTest.java » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698